Security vulnerabilities

To fix the security problems, you can either (1) upgrade Drupal or (2) patch Drupal.

We recommend you do the full upgrade (which is also detailed in the security announcement) as the patches do not contain the additional bugfixes that went into the release. Applying the patches will leave your site in an unversioned state and confuse update status module, which will keep reminding you to upgrade to 6.6 or 5.12. Please read the announcement for details on the patches.